/*
 * HSM Proxy Project.
 * Copyright (C) 2013 FedICT.
 * Copyright (C) 2013 Frank Cornelis.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License version
 * 3.0 as published by the Free Software Foundation.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, see 
 * http://www.gnu.org/licenses/.
 */

package be.fedict.hsm.model.admin;

import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.LinkedList;
import java.util.List;

import javax.annotation.security.RolesAllowed;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;

import org.jboss.ejb3.annotation.SecurityDomain;

import be.fedict.hsm.entity.ApplicationEntity;
import be.fedict.hsm.entity.ApplicationKeyEntity;
import be.fedict.hsm.entity.KeyStoreEntity;
import be.fedict.hsm.entity.KeyStoreType;
import be.fedict.hsm.model.KeyStoreSingletonBean;
import be.fedict.hsm.model.exception.ExistingKeyStoreException;
import be.fedict.hsm.model.exception.KeyStoreInUseException;
import be.fedict.hsm.model.security.AdministratorRoles;
import be.fedict.hsm.model.security.AdministratorSecurityDomain;

@Stateless
@SecurityDomain(AdministratorSecurityDomain.NAME)
@RolesAllowed(AdministratorRoles.ADMINISTRATOR)
public class KeyStoreManagerBean {

	@PersistenceContext
	private EntityManager entityManager;

	@EJB
	private KeyStoreSingletonBean keyStoreSingletonBean;

	public List<KeyStoreEntity> getKeyStoreList() {
		return KeyStoreEntity.getList(this.entityManager);
	}

	public boolean addKeyStore(String name, KeyStoreType keyStoreType,
			String path, String password, int slotListIndex)
			throws ExistingKeyStoreException {
		if (KeyStoreEntity.hasKeyStore(this.entityManager, name)) {
			throw new ExistingKeyStoreException();
		}
		KeyStoreEntity keyStoreEntity = new KeyStoreEntity(name, keyStoreType,
				path, password, slotListIndex);
		this.entityManager.persist(keyStoreEntity);
		return this.keyStoreSingletonBean.newKeyStore(keyStoreEntity.getId());
	}

	public void removeKeyStore(KeyStoreEntity keyStore)
			throws KeyStoreInUseException {
		KeyStoreEntity keyStoreEntity = this.entityManager.find(
				KeyStoreEntity.class, keyStore.getId());
		List<ApplicationEntity> usingApplications = ApplicationKeyEntity
				.getApplications(this.entityManager, keyStoreEntity);
		if (false == usingApplications.isEmpty()) {
			throw new KeyStoreInUseException();
		}
		this.entityManager.remove(keyStoreEntity);
		this.keyStoreSingletonBean.removeKeyStore(keyStoreEntity.getId());
	}

	public List<String> getKeyStoreAliases(long keyStoreId) {
		return this.keyStoreSingletonBean.getKeyStoreAliases(keyStoreId);
	}

	public List<ApplicationEntity> getKeyStoreApplications(long keyStoreId) {
		KeyStoreEntity keyStoreEntity = this.entityManager.find(
				KeyStoreEntity.class, keyStoreId);
		return ApplicationKeyEntity.getApplications(this.entityManager,
				keyStoreEntity);
	}

	public boolean saveKeyStore(KeyStoreEntity changedKeyStore) {
		KeyStoreEntity keyStoreEntity = this.entityManager.find(
				KeyStoreEntity.class, changedKeyStore.getId());
		keyStoreEntity.save(changedKeyStore);
		return this.keyStoreSingletonBean.reload(keyStoreEntity.getId());
	}

	public List<X509Certificate> getCertificateChain(long keyStoreId,
			String keyStoreAlias) {
		Certificate[] certificateChain = this.keyStoreSingletonBean
				.getCertificateChain(keyStoreId, keyStoreAlias);
		List<X509Certificate> resultList = new LinkedList<X509Certificate>();
		for (Certificate certificate : certificateChain) {
			resultList.add((X509Certificate) certificate);
		}
		return resultList;
	}
}
